Which of the following is an example of a web application vulnerability?

Cross-site scripting (XSS) is a well-known web application vulnerability that allows attackers to inject malicious scripts into webpages viewed by other users. This vulnerability arises when a web application accepts unvalidated input and then sends that input back to the user's browser without proper sanitization. XSS can lead to various attacks, such as session hijacking, redirecting users to malicious sites, or stealing personal information, thereby compromising the security and integrity of the web application and its users.

While buffer overflow, insecure storage of passwords, and SQL injection are also important security concerns, they represent different categories of vulnerabilities. Buffer overflow primarily affects memory management within software and applications, while insecure storage of passwords addresses how sensitive data is stored. SQL injection focuses on manipulating database queries through unsanitized user input, which is more related to database security rather than web application interactions directly with users. Cross-site scripting, on the other hand, directly exploits the web application's interaction with users and their browsers, making it a quintessential example of a web application vulnerability.